Overview

overview

10

Static

static

10

47569886e7...02.apk

android-9-x86

7

47569886e7...02.apk

android-10-x64

7

47569886e7...02.apk

android-11-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    47569886e74b789f660d76154faf44b92698d2d62777bf29ab3620c1010be102.bin

  • Size

    760KB

  • Sample

    241102-1z831sxbnq

  • MD5

    6e0c858b85abf9555dfebceff728b06a

  • SHA1

    951e0ee39ee179073e1f421a952f3aa44180e5a3

  • SHA256

    47569886e74b789f660d76154faf44b92698d2d62777bf29ab3620c1010be102

  • SHA512

    4a4987ca136d1dd6a24837ba1581dc2ad3b5e8d746b007f19860eee3cc0fdcab8458745cb36b30707ea5ca2aa3e21cdd0a0ae0733c216c45a01683d2f9bc659c

  • SSDEEP

    12288:64O0Ia1a8LdeYzuNyu7yDH5WmpYshXZPbGwidNpghW:6Vra1a6eYiyEyDH5WmD9idNp/

Score
10/10
spynoteandroidbankerdiscoveryevasionpersistence

Malware Config

Extracted

Family

spynote

C2

192.168.1.12:4433

Targets

    • Target

      47569886e74b789f660d76154faf44b92698d2d62777bf29ab3620c1010be102.bin

    • Size

      760KB

    • MD5

      6e0c858b85abf9555dfebceff728b06a

    • SHA1

      951e0ee39ee179073e1f421a952f3aa44180e5a3

    • SHA256

      47569886e74b789f660d76154faf44b92698d2d62777bf29ab3620c1010be102

    • SHA512

      4a4987ca136d1dd6a24837ba1581dc2ad3b5e8d746b007f19860eee3cc0fdcab8458745cb36b30707ea5ca2aa3e21cdd0a0ae0733c216c45a01683d2f9bc659c

    • SSDEEP

      12288:64O0Ia1a8LdeYzuNyu7yDH5WmpYshXZPbGwidNpghW:6Vra1a6eYiyEyDH5WmD9idNp/

    Score
    7/10
    bankerdiscoveryevasionpersistence

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

      bankerdiscovery

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

      evasionpersistence

    • Requests enabling of the accessibility settings.

    behavioral1behavioral2behavioral3

MITRE ATT&CK Mobile v15

Tasks